CYBER WARFARE ADVISORY COUNCIL ON INTERNATIONAL AFFAIRS ADVIESRAAD INTERNATIONALE VRAAGSTUKKEN

Size: px
Start display at page:

Download "CYBER WARFARE ADVISORY COUNCIL ON INTERNATIONAL AFFAIRS ADVIESRAAD INTERNATIONALE VRAAGSTUKKEN"

Transcription

1 CYBER WARFARE No 77, AIV / No 22, CAVV December 2011 ADVISORY COUNCIL ON INTERNATIONAL AFFAIRS ADVIESRAAD INTERNATIONALE VRAAGSTUKKEN ADVISORY COMMITTEE ON ISSUES OF PUBLIC INTERNATIONAL LAW COMMISSIE VAN ADVIES INZAKE VOLKENRECHTELIJKE VRAAGSTUKKEN AIV CAVV

2 Members of the Advisory Council on International Affairs Chair Vice-chair F. Korthals Altes Professor W.J.M. van Genugten Members Ms L.Y. Gonçalves-Ho Kang You Professor J. Gupta Dr P.C. Plooij-van Gorsel Professor A. de Ruijter Ms M. Sie Dhian Ho Professor A. van Staden Lt. Gen. M.L.M. Urlings (ret.) Ms H.M. Verrijn Stuart Professor J.J.C. Voorhoeve Executive Secretary T.D.J. Oostenbrink P.O. Box EB The Hague The Netherlands Telephone /6060 Fax

3 Members of the Advisory Committee on Issues of Public International Law Chair Professor M.T. Kamminga Members Professor K.C.J.M. Arts Dr A. Bos Dr C.M. Brölmann Professor M.M.T.A. Brus Dr A.G. Oude Elferink Professor T.D. Gill Professor L.J. van den Herik Dr N.M.C.P. Jägers Professor J.G. Lammers Professor W.G. Werner Professor R.A. Wessel Civil service liaison Professor E. Lijnzaad Executive Secretaries Ms W.E.M. van Bladel Ms M.A.J. Hector

4 Members of the Cyber Security Committee Chair Lieutenant General M.L.M. Urlings (ret.) AIV members D.J. Barth Dr I. Duyvesteyn Dr P. van Ham Major General C. Homan (ret.) Dr P.C. Plooij-van Gorsel J. Ramaker Ms H.M. Verrijn Stuart CAVV members Professor T.D. Gill Professor L.J. van den Herik Professor M.T. Kamminga External expert Professor M.J.G. van Eeten Executive Secretary A.D. Uilenreef

5 Contents Foreword Introduction 9 I The cyber threat and the armed forces capabilities 11 I.1 Nature and intensity of cyber conflicts 11 I.2 Operational cyber capabilities 12 II The international legal framework 20 II.1 Cyber attacks and jus ad bellum 20 II.2 Cyber attacks and jus in bello 23 III International cooperation 27 III.1 International standards of conduct 27 III.2 International cooperation in the framework of NATO and the EU 30 IV Conclusions and recommendations 34 Annexe I Annexe II Annexe III Annexe IV Request for advice Abbreviations Terms and definitions Interviewees

6 Foreword By letter of 30 August 2011, the Minister of Foreign Affairs and the Minister of Defence, together with the Minister of Security and Justice, asked the Advisory Council on International Affairs (AIV) and the Advisory Committee on Issues of Public International Law (CAVV) to prepare an advisory report on cyber security. They asked the following 12 questions on the central issue of the significance of developments in cyberspace to the Netherlands foreign, security and defence policies: 1. What are the political and military objectives for which operational cyber capabilities should be developed? How can they be deployed? 2. What is the nature and role of operational cyber capabilities in military operations? 3. Under what circumstances can a cyber threat be regarded as the threat or use of force within the meaning of article 2, paragraph 4 of the UN Charter? 4. Under what circumstances can a cyber attack be regarded as an armed attack against which force may be used for self-defence on the basis of article 51 of the UN Charter? 5. When do the humanitarian laws of war apply to acts performed in the digital domain? 6. Are they the same as those applying to the kinetic use of force? 7. If so, how should we interpret the law-of-war principles of distinction and proportionality and the obligation to take precautionary measures? 8. In the digital domain, how should we interpret the international law concepts of sovereignty and neutrality? 9. To what extent can international standards of conduct for the use of the digital domain contribute effectively to increasing cyber security? 10. Can we learn from experiences with existing codes of conduct, for example in the area of non-proliferation? 11. How can NATO and the EU apply the principles of common defence and deterrence and the solidarity clause to cyber threats? 12. How can NATO and the EU improve information exchange for the purpose of analysing threats? The first part of this report considers the nature of cyber conflicts and the Dutch armed forces development of appropriate operational capabilities in this area. The second part looks at relevant aspects of international law, in particular the conditions governing the use of force and the application of international humanitarian law. The third part considers international cooperation, including

7 agreements on standards of conduct aimed at reducing cyber conflicts and on cooperation within NATO and the EU. The report closes with a summary of the main conclusions and recommendations. The advisory report was prepared by a joint committee of members of the AIV and CAVV. It was chaired by Lieutenant General M.L.M. Urlings (ret.) and consisted of D.J. Barth, Ms I. Duyvesteyn, Professor T.D. Gill, Professor L.J. van den Herik, Dr P. van Ham, Major General C. Homan (ret.), Professor M. Kamminga, Dr P.C. Plooij-van Gorsel, J. Ramaker and Ms H.M. Verrijn Stuart. Professor M.J.G. van Eeten of Delft University of Technology sat on the committee as external expert. The committee was assisted by civil service liaison officers Ms L.C. den Breems (Ministry of Foreign Affairs, DVB/VD), M.A. Veenendaal (Ministry of Defence, DAB), Ms E. van Beurden (Ministry of Security and Justice) and the executive secretary of the CAVV, Ms M.A.J. Hector. The committee s secretariat was headed by A.D. Uilenreef, assisted by the trainees A.P. Smit and Ms S. de Jong. The experts the AIV interviewed for this report are listed in annexe IV. The AIV/CAVV is grateful to them for their assistance. The advisory report was adopted at a meeting of the CAVV on 6 December 2011 and at a meeting of the AIV on 16 December 2011.

8 Introduction Cyber and the need for demystification Cyber security is a relatively new phenomenon that has rapidly become a focal point for politicians, policymakers, academics and the media. At the same time, though, cyberspace has been described as terra nullius, currently beyond the reach of mature political discourse. 1 It is the AIV and CAVV s aim to contribute to the discourse within the Dutch context. Involvement in cyber conflicts must be tested against political beliefs and the principles of international law. The discourse on this new threat may not be dominated by military and technological responses. As cyberspace inevitably crosses borders, cyber security should be strengthened chiefly through international cooperation. The AIV and CAVV have based this joint report on a sober analysis of the issue, avoiding technical jargon wherever possible and resisting popular parallels in science fiction. Their overriding consideration is that although the phenomenon may be new, we are not facing technological innovation for the first time in history and established principles can help us formulate a response. Definitions and risk of confusion Since cyber security is a relatively new phenomenon, we first outline the terminology used in this report. Cyber security is defined as freedom from danger or damage due to the disruption, breakdown, or misuse of ICT. The danger or damage resulting from disruption, breakdown, or misuse may consist of limitations to the availability or reliability of ICT, breaches of the confidentiality of information stored on ICT media, or damage to the integrity of that information. 2 Apart from failure due to technical weaknesses or natural occurrences, cyber security can be threatened by cyber warfare, cyber espionage, cyber terrorism, cyber activism and cyber crime. These phenomena must be defined not only to ensure the advisory report is understood correctly but also to prevent these different forms of threat creating conceptual confusion at political and policy level. This does not mean the threats are not interrelated. On the contrary, states may use criminal organisations or hacktivists, for instance, to engage in espionage. The techniques used are often similar; only the intended objective is different. Identifying the objective is particularly important when deciding on the correct national response to a particular threat, if only to reduce the risk of overreaction. The government needs to adopt clear and uniform definitions. Internationally, too, governments and organisations should agree on uniform interpretations if they are to make international agreements to address cyber threats. In this report, cyber warfare is defined as the conduct of military operations to disrupt, mislead, modify or destroy an opponent s computer systems or networks by means of cyber capabilities. The key criteria that define cyber warfare are: 1) the presence of a military operation aimed at achieving a political or military advantage, 2) the causing of damage to the opponent s cyber infrastructure; and 3) the use of cyber capabilities (since computer systems can also be destroyed using kinetic capabilities). Cyber espionage is defined as the clandestine gathering of information on networks or information systems by governments or enterprises to further their diplomatic, military or economic interests. 1 Chatham House, On Cyber Warfare, November National Cyber Security Strategy, 22 February

9 Cyber terrorism is defined as the attempt, using cyber capabilities, to seriously disrupt a society or parts of a society in order to achieve a political objective. Cyber activism (also known as hacktivism) is defined as: an individual or group s penetration and subsequent disruption or modification of networks or information systems in order to raise awareness of a political ideology or social belief. Cyber crime is defined as criminal activity involving the use of networks or information systems to obtain a financial or other advantage. In accordance with the request for advice, this report considers cyber security in relation to the Netherlands foreign, security and defence policies. It thus pays only passing attention to cyber crime. Where necessary, links with cyber crime are considered, as it is not always entirely clear in practice what form of threat is involved. 10

10 I The cyber threat and the armed forces capabilities I.1 Nature and intensity of cyber conflicts The cyber threat The government observes in its request for advice that reliance on the performance of digital networks presents new security risks. The current threat assessment recognises that citizens, public authorities and enterprises are vulnerable to cyber abuse and that cyber crime is becoming more sophisticated, and points to various examples of cyber espionage from abroad. 3 A variety of techniques is used, such as botnets and malware. Similar attacks are also a feature of military operations. Examples include the disruption of internet traffic and military communication systems in Georgia (2008) and the Stuxnet attack on process control systems at a nuclear enrichment facility in Iran (2010). The threat is real, not virtual. Even the report commissioned by the OECD, Reducing Systematic Cybersecurity Risk, which questions the impact of the threat, concludes that the deployment of cyber weapons is already widespread and that it is a safe prediction that the use of cyberweaponry will shortly become ubiquitous. 4 Although the existence of cyber threats as such is not in dispute, there is uncertainty about their extent and influence. The government recognises in the available trend analyses that research into the subject is still in its infancy. 5 The available quantitative studies are in general so statistically unreliable and subjective that no useful conclusions can be drawn from them. 6 The Dutch organisation Bits of Freedom has therefore called for an independent and scientifically-sound baseline study of the nature and extent of cyber security issues. 7 The AIV/CAVV recognises the importance of more systematic and quantitative research into the extent of the threat. Since the problem is transnational and available capabilities can accordingly best be pooled, the AIV/CAVV recommends that the government initiate such an independent study at EU and NATO level. Using public and classified information from sources including the police, intelligence services and the business community, the Dutch government s Cyber Security and Incident Response Team (GOVCERT.NL) has estimated the threat to our cyber security. It found that cyber crime is becoming more targeted and more sophisticated and now accounts for the majority of all cyber incidents. It also noted that public authorities and enterprises are regularly the victims of cyber espionage and that recent incidents worldwide suggest that 3 Het Nationale Trendrapport Digitale Veiligheid en Cybercrime Cybersecuritybeeld Nederland (National Trends in Cyber Security and Cyber Crime 2010, Cyber Security Threat Assessment for the Netherlands), December P. Sommer and I. Brown, Reducing Systematic Cybersecurity Risk, OECD/IFP Project on Future Global Shocks, 14 January Cybersecuritybeeld Nederland, December 2011, GOVCERT.NL, p D. Florêncio and C. Herley, Sex, Lies and Cyber-crime Surveys, Microsoft Research, <http://www.research. microsoft.com/pubs/149886/sexliesandcybercrimesurveys.pdf>. 7 Bits of Freedom, Kamerbriefing Nationale Cybersecurity Strategie, 27 May

11 the threat is growing. Terrorists currently initiate very few cyber attacks; they tend to use the internet simply as a propaganda and recruitment tool. With regard to cyber warfare, the existing analyses go no further than stating that this threat is currently the least prevalent but its potential impact is probably the greatest. 8 Some fairly sensationalist publications by foreign trend watchers suggest that wars will in future be fought and won in cyberspace. 9 As explained below, the AIV/CAVV considers a cyber war, fought solely in cyberspace, unlikely. The use of such descriptions, moreover, is not conducive to a good understanding of the issue. A fifth domain for military action References to cyberspace sometimes suggest that it is a distinct space that has no relationship to time, place or human action. Cyberspace, however, is nothing more or less than the sum of all ICT equipment and services. It consists not only of the internet but also of all the networks and other digital devices that are not connected to the internet. 10 If we put this in the context of military activities, cyberspace can be regarded as a fifth theatre of operations albeit one with specific characteristics that interacts with the other four domains of military operation: land, sea, air and space. Operations in the fifth domain can therefore act as a force multiplier in the other domains. Activity in the other domains, incidentally, is now barely even possible without the use of digital equipment. Wars were originally fought only on land and at sea. At the beginning of World War I, aerial warfare added a third domain. A fourth space acquired operational significance in the 1980s with the development of anti-satellite missiles and the Strategic Defence Initiative ( Star Wars ). With the development and spread of the internet and the digitisation of society in general, we can also talk of a fifth domain, the only one to have been created by man. It is now possible to launch cyber attacks as part of a military operation. In essence, this is the use of a military means cyber capability to help achieve a political end. In some of the best-known examples, such as those mentioned above, cyber attacks have been conducted in conjunction with conventional operations. In the Stuxnet case the infected programme had to be smuggled into the Iranian enrichment facility by means of a physical human intelligence operation. Of course, a military operation may also consist solely of cyber attacks. It would be technically feasible, using such means only, to disrupt parts of a country s critical infrastructure, at least temporarily. Cyberspace is expected to be an important arena in every future conflict. However, a cyber war, fought with devastating consequences solely in cyberspace, is unlikely. The more narrowly defined term cyber warfare is therefore used in this report. Cyber warfare may be regarded as part of a military operation that can include other (non-cyber) dimensions. I.2 Operational cyber capabilities Political and military objectives What are the political and military objectives for which operational cyber capabilities should be developed? Political objectives should precede military objectives. To quote the military theoretician Carl von Clausewitz: War is the continuation of politics by other means. The starting point should therefore be to align with the Netherlands foreign policy objectives, 8 Het Nationale Trendrapport 2010, p R.A. Clarke and R.K. Knake, Cyber War: The next threat to national security and what to do about it, HarperCollins Publishers Inc, Het Nationale Trendrapport

12 whereby the Dutch government seeks to strengthen three pillars: security, prosperity and freedom. It does so by promoting international stability and security, energy and raw material security, the international legal order including human rights and trade and economic interests. 11 The government is aware of the close relationship between internal and external security given the open nature of Dutch society with its strong international ties. This is an important factor in the prosperity of our country but it also makes us vulnerable. The threats of the 21st century are transnational in character and are posed by both state and non-state actors. The government has set the armed forces three core tasks: defending national and allied territory; protecting and promoting the international legal order and international stability; and supporting the civil authorities. 12 In practice, this means that the Netherlands will use all the resources at its disposal to it to defend national and allied territory. The armed forces carry out the second core task protecting and promoting the international legal order and international stability by participating in EU and NATO intervention and stabilisation operations and by taking part in ad hoc coalitions and police missions. The third core task is fulfilled by providing ad hoc assistance to civil authorities (e.g. disaster relief, maintaining public order and security) and performing regular duties such as border control by the Royal Military and Border Police, coastguard management by the Navy and explosive disposal activities. The deployment of operational cyber capabilities should facilitate these core tasks. A secure and properly functioning digital network is essential to the prosperity of the Netherlands with its strong international logistics and service sector. The Netherlands has one of the highest internet densities in the world. The freedom to exchange thoughts peacefully on the internet anywhere in the world ties in with the importance the Netherlands attaches to respect for human rights and fundamental freedoms. Secure digital services are vital to ensuring public confidence in the government. Combating cyber threats is in the interests of national security. The AIV/CAVV would emphasise that such threats (the extent of which, as noted above, is not known) should be tackled first and foremost using non-military means. In addition to the important contribution that can be made by private parties, diplomatic efforts have a role to play, such as the agreement of international standards of conduct on the management of potential cyber conflicts. We return to this topic in section III.1. In addition to developing operational cyber capabilities, it is also important to invest in coherent cyber diplomacy so that a broad pallet of well thought-out measures can be considered in response to concrete threats. These may range from exerting political pressure and imposing economic sanctions to pressing for criminal law measures and in the final instance the use of authorised force. Operational cyber capabilities part of the military capability can be a means to achieve a political end. Their use requires a clear political framework. Owing to the transnational character of most security threats (and particularly cyber threats), there is a strong relationship between external and internal security. The Netherlands, however, does not have an integrated strategy on foreign and domestic security policy. The existing national security 11 Coalition Agreement and explanatory memorandum of the Ministry of Foreign Affairs, The promotion of the international legal order is also laid down in the Constitution (article 90). 12 The Constitution (article 97) provides that the armed forces are for the defence and protection of the interests of the Kingdom and to maintain and promote the international legal order. This is elaborated further in the Defence White Paper (2000) and subsequent government documents. 13

13 strategy has a national focus and does not recognise the promotion and enforcement of the international legal order as a vital interest. 13 In the AIV/CAVV s view, operational cyber capabilities and developments in this area should be included in an integrated strategy for domestic and foreign security policy. Such a strategy should provide an insight into the objectives, how they will be achieved and the resources that will be deployed in the process. Nature of operational cyber capabilities The specific characteristics of cyber weapons 14 have implications for their operational deployment in cyberspace. Firstly, cyber attacks usually have an indirect impact. Since everything on the internet is so closely interrelated, an attack on a military system can have consequences for civil networks. The extent and seriousness of the consequences are not known in advance. It is difficult to distinguish between combatants and non-combatants. Initial costs are also relatively modest: it is easier and cheaper to buy the equipment needed for a cyber attack than to buy an aeroplane or tank. This does not mean, however, that every cyber attack can be carried out with easy-to-obtain equipment. Planning and executing a technically complex attack requires specialised knowledge. This need is often underestimated but is particularly relevant to the intelligence operations that precede an attack. Cyber weapons also have a limited shelf life. Unlike traditional weapons, sophisticated cyber attacks (which actually consist of programming language) can instantly become obsolete and need to be kept secret. 15 The moment a cyber weapon is deployed or otherwise becomes known, the weaknesses it exploits can be identified and rectified. In this respect the traditional arms race has been replaced with a new race in digital expertise and skills. Finally, cyber attacks are difficult to attribute to a state, group or individual. The problem of attribution plays a key role in the discussion of the deployment of cyber weapons, and is considered in more detail below. These characteristics mean that cyber weapons can be deployed asymmetrically. Countries without advanced kinetic capabilities, hackers and other non-state actors can obtain the necessary equipment and if they have no concern for the potential indirect consequences use it at relatively low cost without needing an extensive military organisation. They are further abetted by the fact that aggressors are difficult to identify. In addition, cyberspace is characterised by offensive dominance: it is easier, faster and cheaper to attack a system than it is to defend it. This is partly because an aggressor can prepare an attack anonymously and exploit the element of surprise. In all probability, however, there is no first strike capability that can destroy an opponent s defences and its ability to retaliate using cyber or kinetic weapons. Finally, monitoring the use of cyber weapons is difficult to regulate. They are easy to hide and unlike nuclear weapons can be developed and tested in secret. Non-proliferation and standard-setting in this area are considered in section III.1. As noted above, the problem of attribution is a key factor in the discussion of policy on cyber weapons. The perpetrators of espionage or minor attacks are difficult to identify. An attacker can use a chain of hacked computers to conduct espionage or a botnet of infected 13 P.A.L. Ducheine and J.E.D. Voetelink, Cyberoperaties: naar een juridisch raamwerk (Cyber operations: towards a legal framework), Militaire Spectator, 180(6). 14 This weapon analogy requires some qualification. Cyber weapons primarily involve technological knowledge and skills. 15 The New York Times, U.S. Debated Cyberwarfare in Attack Plan on Libya, 17 October The article names this as one of the reasons for not deploying cyber capabilities in Libya. 14

14 computers to cause damage. A government can respond by using non-state actors such as patriotic hackers. Conversely, hackers may declare their support for a state without actually supporting it at all. All these factors can have consequences for the use of offensive action against an aggressor. The inability to identify an aggressor makes launching a counterattack complicated. It is technically possible to identify the source of an attack (a computer s IP address) and direct a counterattack against it by means of trace-back applications. But the computer identified as the source may only be a link in the attack. If the systems involved have been compromised, the perpetrator of the initial attack will not be known. However, it is certainly not impossible to identify an attacker and it is not always necessary to use the internet to do so. Other sources can be used (non-technological attribution), such as intelligence services, political declarations (e.g. claims of responsibility for an attack or previous public threats) and other indications that may point to a potential perpetrator. If the origin of the attack is known with sufficient certainty, exercising the right of self-defence could be justified under certain conditions. These conditions are considered in chapter II. The role of cyber capabilities in military operations The Minister of Defence wants the armed forces to develop offensive as well as defensive cyber capabilities. The Knops motion (December 2009) argued that defensive capabilities were not enough. 16 To decide what role operational cyber capabilities should play in military operations, the meaning of defensive and offensive capabilities must first be clear. This is not always the case in the public debate. This also affects the applicable legal framework. The Intelligence and Security Services Act 2002 (WIV 2002), for example, applies to cyber intelligence operations while jus in bello applies to the digital destruction of an opponent s air defences. The legal implications are considered in chapter II. In the table below, the different types of operational cyber activity are grouped into defensive, intelligence and offensive activities and classified as network defence, network exploitation and network attack. 16 Knops, Voordewind and Eijsink motion, House of Representatives, , X, no

15 Defensive activities - Securing/monitoring own networks (including weapons systems) network defence (passive defence) - Securing defence industry network connection network defence (passive defence) - Neutralising counterattack to protect systems (e.g. disrupting command & control of botnets or taking control of/sabotaging an aggressor s system using malware) network attack (active defence) Intelligence activities - Tapping/accessing internet traffic (interception of IP data or underlying protocols) network exploitation - Monitoring the volume and patterns of data traffic on foreign networks network exploitation - Clandestine penetration of systems to download data (e.g. by means of exploits) network exploitation - Counter-intelligence activities (e.g. manipulation or disruption of third-party cyber intelligence activities) network exploitation Offensive activities - Psychological operations (e.g. communicating with the public or public authorities via a hacked network) network attack - Eliminating/disrupting the opponent s command, control and communication functions and other defence systems (distributed denial-of-service (DDoS) attacks) network attack - Destruction of critical infrastructure (e.g. influencing utility companies process management systems) network attack Operational cyber activities The Ministry of Defence and the armed forces use digital applications for a variety of purposes ranging from command and control to operational management. These applications must be adequately protected. The security of defence systems can consist of static defence, such as a firewall or other application that makes it difficult to penetrate a system, and dynamic defence, which monitors for suspect activity within the operator s own networks. A network can also be protected by counterattacking the aggressor s systems. 16

16 Cyberspace is becoming more and more important in intelligence gathering. An intelligence service s cyber capabilities contribute to the information available on the nature and source of real or potential cyber threats and the ability to penetrate and exploit networks for intelligence operations. A person or organisation can be bugged in cyberspace by intercepting IP data or monitoring activity on third-party networks. Data on other computers or networks can also be copied. A distinction can be made in intelligence gathering between intercepting data traffic on the one hand and penetrating a system on the other. The former involves analysing data patterns (i.e. the volume and direction of data traffic) and listening in to data traffic, possibly with the aid of intercepted encryption codes. The latter involves gaining access to a network by installing malware, exploiting system weaknesses or using social engineering techniques. Offensive cyber capabilities can be deployed in military operations. It is the armed forces ambition to develop not only defensive cyber capabilities but also offensive capabilities. Cyber attacks are operations to disrupt, damage or destroy computers and networks or the information on them. 17 Many forms of cyber attack are possible, such as disrupting an opponent s command functions by exploiting weaknesses contained in them. Other attacks, for example on critical infrastructure, can result in physical damage and human injury. The same techniques are often used for both attacks and exploitation; only the objective is different. A Trojan horse that surreptitiously downloads data from a penetrated network for intelligence purposes, for example, can later be used to destroy the data on that network. In addition to the actual use of operational capabilities, an important function of military power is deterrence. This raises the question of what role offensive cyber capabilities can play to deter both state and non-state actors. A credible deterrent must be based on a potential opponent s belief that capabilities exist and will be deployed to retaliate for an attack or prevent an imminent attack. 18 There are problems with the application of this principle in cyberspace, however. An adequate cyber deterrent requires a means of early detection. A country s conventional and nuclear capabilities are usually known but cyber weapons can be developed and tested in complete secrecy. The attack itself can take place at the speed of light. Human decisions on countermeasures will always be one step behind. The use of defensive measures with automatic retaliation capabilities entails the risk of the wrong targets being hit or of the response being disproportionate. Furthermore, if the motive for an attack is not known it may be difficult to decide on a proportional response. Was the attack conducted with a view to cyber espionage or something more harmful? 19 Finally, as noted above, there is the problem of attribution. Consequences for the operational deployment of armed forces Legal parameters. The deployment of cyber weapons, like that of any weapon system, is subject to international legal restrictions. These are considered in the next chapter. The WIV 2002 also places restrictions on the use of cyber capabilities in intelligence work. Firstly, while messages could be intercepted in the past (subject to the necessary ministerial 17 Based on the definition of the National Research Council, Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities, 2009, pp UK warns it will strike first against cyber-attackers. Interview with UK foreign minister William Hague, The Sun, 18 October Under international law, cyber espionage can lead only to diplomatic retaliation, no matter how harmful the loss of information is. 17

17 permission) by listening in to satellite traffic, this method can now be used to trace only part of the data that makes up a message. Messages are broken down into data packets and transmitted via different channels using, for example, optical fibre. Under section 27 of the current WIV, only wireless data may be intercepted at random. 20 In the light of technological advances, the AIV/CAVV recommends that a review be conducted of whether the current distinction between wired and wireless data should be retained. Secondly, the AIV/CAVV notes that section 24 of the WIV provides for the exploitation of a network by downloading data from another network by placing an exploit (such as a Trojan horse or virus). 21 However, it rightly prohibits an intelligence service from using a local exploit in a network attack that has a military objective aimed at modifying or damaging a system. Such an attack must be conducted under the responsibility of the Chief of Staff of the Armed Forces with prior political authorisation. Within the armed forces, clear procedural agreements flowing from this segregation of duties must also be made in respect of cyberspace. Technical restrictions. As noted above, the specific characteristics of cyber weapons also place restrictions on their responsible operational deployment. It cannot always be foreseen how and to what extent the indirect consequences of their deployment will affect civilian systems. The deployment of cyber capabilities in a military operation, for example to eliminate an air defence system, is also technically complex and can require lengthy preparation. If rapid intervention is required and there is no need to keep the operation secret, the use of kinetic forces can be considered. The problem of attribution is also a complicating factor in the deployment of cyber weapons. Personnel and financial capacity. Despite the sweeping spending cuts in the armed forces, the Ministry of Defence has announced it intends to strengthen the Netherlands digital defences and to develop greater operational cyber capabilities. An operational cyber task force was established on 1 January 2012 and a budget of K50 million allocated for the period up to It will be spent largely on improving the protection of the Ministry s networks, systems and data and expanding its cyber intelligence capabilities. This is a relatively modest amount in the light of the overall defence budget and the investments being made in cyber capabilities by other countries (especially the US and UK). The Ministry of Defence also needs to build up sufficient expertise in order to deploy its operational cyber capabilities. It will do so by strengthening DefCERT (the Defence Computer Emergency Response Team) and setting up the Defence Cyber Expertise Centre. Some of this specialised expertise will have to be recruited externally. However, public sector terms and conditions of employment make it difficult to recruit high-quality IT specialists and skilled hackers. The corporate culture, moreover, holds little appeal for hackers and seems to form a greater obstacle than financial terms of employment. Using cyber volunteers or cyber reservists, as some countries do, is not a cure-all either. There may be insufficient enthusiasm in the Netherlands for individuals to register as qualified volunteers, and the confidential nature of the information concerned means their use would be limited in any event. Cyber reservists could play a role, for example, in training staff at the Ministry of Defence. They could also be used to a limited extent in planned operations. But should the armed forces need additional capacity in the event of an (imminent) attack on Dutch 20 WIV 2002, section 27, subsection 1: The services are authorised to intercept and record, with the aid of a technical device, random wireless telecommunications. The powers referred to in the first sentence include the power to decrypt the telecommunications. 21 Pursuant to this section, the intelligence services may use a technical device to penetrate an automated network and copy the data stored in it. 18

18 networks, there is a risk that the companies that employ such IT specialists would need all the expertise at their disposal. Civil-military cooperation in cyber security Civil-military cooperation in cyber security touches upon the third core task of the armed forces. Since military and civil networks are closely connected on the internet and one of the armed forces tasks is to assist civil authorities, cooperation in cyber security seems to be a logical step. We noted at the beginning of this report that it is difficult to make a strict distinction between the various forms of cyber threat. When a system is penetrated, it is not immediately clear which actors are responsible (e.g. hacktivists, criminals or states) and what the motivation for the attack is. The techniques used are largely the same. An appropriate response requires an integrated government strategy. The importance of such a strategy was recently underlined by the DigiNotar incident. The government took a significant step by preparing a National Cyber Security Strategy and setting up the National Cyber Security Centre (NCSC) under the responsibility of the Minister of Security and Justice in January The Centre s exact ambitions are not yet fully crystallised. The breadth and depth of its tasks will be determined by its growth model. For the time being, the Centre is expected to concentrate on information exchange and crisis management. GOVCERT.NL will become part of the Centre and the Ministry of Defence, like other relevant government organisations, will appoint a liaison officer (probably from the Military Intelligence and Security Service; MIVD) to it. Partly in view of the scarcity of technical knowledge and capability, the AIV/CAVV would advocate an even more integrated approach. The Centre could develop in due course into a kind of national CERT responsible for aggregated monitoring of vital networks, making more use of the capabilities already present at GOVCERT.NL, the MIVD, the General Intelligence and Security Service (AIVD) and the Dutch Police Services Agency (KLPD) and complemented at times by commercial organisations and academic institutions. Pooling this knowledge and skills must not reduce the formal responsibilities of the various client organisations within central government and must not weaken their statutory powers and relationship with foreign partners. The Ministry of Defence, for example, is responsible primarily for protecting its own networks and the networks used to exchange confidential information with allies and the defence industry. Any cyber attack (or counterattack) against a state should also be conducted by the armed forces. Finally, it is worth noting that where intelligence is concerned, there is also scope for more cooperation between the AIVD and the MIVD. The AIV/CAVV recommends combining the available capital- and knowledge-intensive signals intelligence (SIGINT) and cyber capabilities into a joint unit. 19

19 II The international legal framework II.1 Cyber attacks and jus ad bellum Prohibition of the use of force Article 2, paragraph 4 of the United Nations Charter prohibits the threat or use of force in international relations. This prohibition is often considered a rule of peremptory international law that permits no exceptions except in recognised exceptional cases. The customary interpretation of this provision is that all forms of armed force are prohibited. Purely economic, diplomatic and political pressure or coercion is not defined as force under article 2, paragraph 4. Suspending trade relations or freezing assets, for example, can be very disadvantageous to the state affected but has not to date been considered a prohibited form of force within the meaning of the Charter. Armed force that has a real or potential physical impact on the target state is prohibited. However, such force is not restricted to the kinetic impact of conventional weapons systems. The distinction between armed force and other forms of force depends on whether the force caused or could have caused death, injury or damage to goods or infrastructure. Such force is prohibited if it is more than an isolated, minor incident. Any use or threat of armed force is prohibited under both the UN Charter and customary international law. Armed force is generally seen as force which has the power to inflict casualties or cause physical damage. A use of force which rises to the level of an armed attack is considered further below. The right of self-defence Article 51 of the United Nations Charter confirms the right of self-defence against armed attack. It is a temporary right that may be exercised until the Security Council has taken appropriate measures. In its judgment in the Nicaragua case, the International Court of Justice (ICJ) established that the right of self-defence arose from the Charter and customary law. The Charter does not state what forms of force can constitute an armed attack or how it should be decided that such an attack has commenced. This must be determined by the customary law on the exercise of the right to self-defence on which article 51 is based. It is generally thought that an armed attack requires the significant use of armed force that exceeds the level of a minor armed incident or criminal activity. With regard to the time at which an armed attack commences, customary law is generally understood to permit a response to an immediate and unmistakable threat of an armed attack ( imminent threat ). 22 It is generally accepted that an armed attack can be carried out directly by a state s armed forces or indirectly by armed groups operating under the authority or control of a state. For the latter to be an armed attack, the ICJ ruled (in the Nicaragua case) that the scale and consequences of an indirect attack must be comparable to those of a direct, conventional armed attack by a state. There is less agreement on the degree of control a state must exercise over an indirect armed attack. The ICJ s standard is effective control, but the International Criminal Tribunal for the former Yugoslavia (ICTY), in its judgment in the Tadic case, settled on the slightly broader standard of overall control, albeit in the slightly different context of criminal law. Both forms of armed attack are carried out by or under the control of a state. Since the attacks of 11 September 2001, there has been a third possibility not considered in the Nicaragua judgment: that of an organised armed group carrying out an armed attack of 22 See: AIV/CAVV advisory report number 36, Pre-emptive Action, July

20 its own volition without state control or substantial state influence. The ICJ has not yet adopted a clear position on this matter. In practice, states and the UN Security Council have recognised since 11 September that an organised group can in principle be the author of an armed attack and that a response to such an attack can be qualified as self-defence. It seems reasonable to assume that the attack should be comparable to one carried out either directly by a state or by an armed group under the control or substantial influence of a state. If this third possibility is accepted, it must be asked against whom or what self-defence should be directed and whether it can take place in the territory of a state not directly involved in the attack. These questions are considered separately below in the light of the criteria of necessity and proportionality when the right of self-defence is invoked. Cyber attack Can a cyber attack against a computer or information system without the deployment of kinetic weapons qualify as an armed attack within the meaning of article 51 of the UN Charter? Nothing in article 51 or customary international law specifically excludes a particular type of weapon or weapons system. Conventional kinetic weapons are included of course, as are radiological weapons, poison gas, other chemical weapons, biological weapons and laser weapons. There is therefore no reason not to qualify a cyber attack against a computer or information system as an armed attack if the consequences are comparable to those of an attack with conventional or unconventional weapons. In other words, if a cyber attack leads to a significant number of fatalities or causes substantial physical damage or destruction to vital infrastructure, military platforms or installations or civil property, it could certainly be qualified as an armed attack within the meaning of article 51 of the UN Charter. The fact that such an attack has not yet taken place does not mean it could not in the foreseeable future. A digital attack against information systems linked to vital infrastructure, military installations and platforms for weapons systems or vital services, such as the emergency services or air traffic control systems, could breach the threshold of an armed attack if it causes significant loss of life or physical destruction. It is more difficult to conclude whether this is the case if there are no actual or potential fatalities, casualties or physical damage. A serious, organised cyber attack on essential functions of the state could conceivably be qualified as an armed attack within the meaning of article 51 of the UN Charter if it could or did lead to serious disruption of the functioning of the state or serious and long-lasting consequences for the stability of the state. In such cases, there must be a disruption of the state and/or society, or a sustained attempt thereto, and not merely an impediment to or delay in the normal performance of tasks for it to be qualified as an armed attack. A disruption of banking transactions or the hindrance of government activity would not qualify as an armed attack. However, a cyber attack that targets the entire financial system or prevents the government from carrying out essential tasks, for example an attack on the entire military communication and command network that makes it impossible to deploy the armed forces, could well be equated with an armed attack. Organised groups As in conventional forms of attack, the perpetrator of such a cyber attack could be a state or an organised group acting under the authority or control of a state. It is less clear whether an autonomous group acting of its own volition without the involvement or support of a state can launch a cyber attack of this nature. Neither customary law nor article 51 of the UN Charter excludes the option of self-defence in response to an attack by an organised group that has comparable consequences to a direct or indirect attack by a state. Its exercise in cyberspace, however, entails specific problems. Since computer networks are connected all over the world, the term organised group in this context differs considerably from that used in the physical domain. A cyber attack on vital infrastructure could be conducted by, 21

Cyber Security Strategy for Germany

Cyber Security Strategy for Germany Cyber Security Strategy for Germany Contents Introduction 2 IT threat assessment 3 Framework conditions 4 Basic principles of the Cyber Security Strategy 4 Strategic objectives and measures 6 Sustainable

More information

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer

More information

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM Information & Security: An International Journal Valentyn Petrov, vol.31, 2014, 73-77 http://dx.doi.org/10.11610/isij.3104 ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY

More information

Harmful Interference into Satellite Telecommunications by Cyber Attack

Harmful Interference into Satellite Telecommunications by Cyber Attack Kobe and QM Symposium on International Law "Diversity of Transnational Criminal Justice" Harmful Interference into Satellite Telecommunications by Cyber Attack 10 April 2015 Yuri Takaya Research Fellow/Lecturer,

More information

Appendix 2 Deterrence as a security concept against cyber threats

Appendix 2 Deterrence as a security concept against cyber threats Appendix 2 Deterrence as a security concept against cyber threats Sico van der Meer Current situation Cyber threats, also referred to as digital threats, are among the greatest threats currently facing

More information

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28),

Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), Germany: Report on Developments in the Field of Information and Telecommunications in the Context of International Security (RES 69/28), General appreciation of the issues of information security Information

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

The UK cyber security strategy: Landscape review. Cross-government

The UK cyber security strategy: Landscape review. Cross-government REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape

More information

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy

Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy Testimony of Matthew Rhoades Director Cyberspace & Security Program Truman National Security Project & Center for National Policy House Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure

More information

Legislative Language

Legislative Language Legislative Language SECTION 1. DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY. Title II of the Homeland Security Act of 2002 (6 U.S.C. 121 et seq.) is amended (a) in section 201(c) by striking

More information

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD The 2011 2015 Cyber Security Strategy of the Czech Republic is linked to the Security Strategy of the Czech Republic and reflects

More information

Cyber Diplomacy A New Component of Foreign Policy 6

Cyber Diplomacy A New Component of Foreign Policy 6 Cyber Diplomacy A New Component of Foreign Policy 6 Assistant Lecturer Dana DANCĂ, PhD. candidate Titu Maiorescu University, Bucharest dana.danca@yahoo.com Abstract Nowadays, the boundary between virtual

More information

Cyber Security Summit China and Cyber Warfare Desmond Ball 25 July 2011

Cyber Security Summit China and Cyber Warfare Desmond Ball 25 July 2011 Cyber Security Summit China and Cyber Warfare Desmond Ball 25 July 2011 Notes abstracted from Desmond Ball, China s Cyber Warfare Capabilities, Security Challenges, Vol. 7, No. 2, Winter 2011, pp. 81-103).

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

The National Cyber Security Strategy (NCSS) Success through cooperation

The National Cyber Security Strategy (NCSS) Success through cooperation The National Cyber Security Strategy (NCSS) Success through cooperation 1. Introduction The Netherlands stands for safe and reliable ICT 1 and the protection of the openness and freedom of the Internet.

More information

Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: Introduction Political cyber attacks

Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: Introduction Political cyber attacks 1 Session 9 Cyber threats in the EU s and NATO s new strategic context General Kees Homan: remarks prepared for the CCADD conference in Paris, September 2014 Introduction Cyberspace has become part of

More information

2. SECURITY OF COMMUNICATION AND INFORMATION SYSTEMS IN THE GLOBALIZATION PROCESS

2. SECURITY OF COMMUNICATION AND INFORMATION SYSTEMS IN THE GLOBALIZATION PROCESS CYBER SECURITY WITHIN THE GLOBALIZATION PROCESS Milan PODHOREC University of Defence, Faculty of Economics and Management, Brno, Czech Republic The contribution focuses on the issue regarding security

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation. Keynote Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation 6 & 7 Nov 2013 So many of us now don t just work online but live part

More information

THE STRATEGIC POLICING REQUIREMENT. July 2012

THE STRATEGIC POLICING REQUIREMENT. July 2012 THE STRATEGIC POLICING REQUIREMENT July 2012 Contents Foreward by the Home Secretary...3 1. Introduction...5 2. National Threats...8 3. Capacity and contribution...9 4. Capability...11 5. Consistency...12

More information

A Detailed Strategy for Managing Corporation Cyber War Security

A Detailed Strategy for Managing Corporation Cyber War Security A Detailed Strategy for Managing Corporation Cyber War Security Walid Al-Ahmad Department of Computer Science, Gulf University for Science & Technology Kuwait alahmed.w@gust.edu.kw ABSTRACT Modern corporations

More information

Jürgen Menner is University education in Mathematics

Jürgen Menner is University education in Mathematics 142 Jürgen Menner is University education in Mathematics (MSc) and Electrical Engineering (MSc). Officer of the Army Maintenance Corps. German and Brazilian general staff officer s training. Assistant

More information

Memorandum of Principle and Rationale of [Draft] National Cybersecurity Act B.E. Principle To legislate on the maintenance of national Cybersecurity.

Memorandum of Principle and Rationale of [Draft] National Cybersecurity Act B.E. Principle To legislate on the maintenance of national Cybersecurity. Memorandum of Principle and Rationale of [Draft] National Cybersecurity Act B.E. Principle To legislate on the maintenance of national Cybersecurity. Rationale The use of Information Technology (IT) in

More information

REPUBLIC OF LATVIA MINISTRY OF DEFENCE NATIONAL ARMED FORCES CYBER DEFENCE UNIT (CDU) CONCEPT

REPUBLIC OF LATVIA MINISTRY OF DEFENCE NATIONAL ARMED FORCES CYBER DEFENCE UNIT (CDU) CONCEPT REPUBLIC OF LATVIA MINISTRY OF DEFENCE NATIONAL ARMED FORCES CYBER DEFENCE UNIT (CDU) CONCEPT Riga 2013 Introduction In accordance with the National Security Concept, information technology threats or

More information

Cyberspace Situational Awarness in National Security System

Cyberspace Situational Awarness in National Security System Cyberspace Situational Awarness in National Security System Rafał Piotrowski, Joanna Sliwa, Military Communication Institute C4I Systems Department Zegrze, Poland, r.piotrowski@wil.waw.pl, j.sliwa@wil.waw.pl

More information

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco.

The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. The Senior Executive s Role in Cybersecurity. By: Andrew Serwin and Ron Plesco. 1 Calling All CEOs Are You Ready to Defend the Battlefield of the 21st Century? It is not the norm for corporations to be

More information

The main object of my research is :

The main object of my research is : The main object of my research is : «War» I try to analyse the mutual impacts between «new wars» and the evolution of the international system More especially my research is about what we call»cyber-war«or»cyber-conflicts«is

More information

BRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS

BRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS ARF WORKSHOP 21-22 JUNE 2005 ULAANBAATAR, MONGOLIA BRUNEI DARUSSALAM'S SECURITY CONCEPTS AND PERCEPTIONS Overall, Brunei Darussalam security assessment remains peaceful and stable. However, the range of

More information

Dear Delegates, It is a pleasure to welcome you to the 2014 Montessori Model United Nations Conference.

Dear Delegates, It is a pleasure to welcome you to the 2014 Montessori Model United Nations Conference. Dear Delegates, It is a pleasure to welcome you to the 2014 Montessori Model United Nations Conference. The following pages intend to guide you in the research of the topics that will be debated at MMUN

More information

working group on foreign policy and grand strategy

working group on foreign policy and grand strategy A GRAND STRATEGY ESSAY Managing the Cyber Security Threat by Abraham Sofaer Working Group on Foreign Policy and Grand Strategy www.hoover.org/taskforces/foreign-policy Cyber insecurity is now well established

More information

CYBER SECURITY THREATS AND RESPONSES

CYBER SECURITY THREATS AND RESPONSES CYBER SECURITY THREATS AND RESPONSES AT GLOBAL, NATION-STATE, INDUSTRY AND INDIVIDUAL LEVELS Heli Tiirmaa-Klaar* Although cyber security has accompanied the ICT sector since the first computer systems

More information

Cyber security guide for boardroom members

Cyber security guide for boardroom members Cyber security guide for boardroom members 2 Cyber security guide for boardroom members Cyber security at strategic level Our society is rapidly digitising, and we are all reaping the benefits. Our country

More information

Public Private Partnerships and National Input to International Cyber Security

Public Private Partnerships and National Input to International Cyber Security Public Private Partnerships and National Input to International Cyber Security 10 September 2009 Tallinn, Estonia Maeve Dion Center for Infrastructure Protection George Mason University School of Law Arlington,

More information

Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey.

Cybersecurity & International Relations. Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey. Cybersecurity & International Relations Assist. Prof. D. ARIKAN AÇAR, Ph.D. Department of International Relations, Yaşar University, Turkey. Cybersecurity & IR This part of the IWOSI aims to link the Information

More information

STRATEGIC OBJECTIVE 2.4 OVERCOME GLOBAL SECURITY CHALLENGES THROUGH DIPLOMATIC ENGAGEMENT AND DEVELOPMENT COOPERATION

STRATEGIC OBJECTIVE 2.4 OVERCOME GLOBAL SECURITY CHALLENGES THROUGH DIPLOMATIC ENGAGEMENT AND DEVELOPMENT COOPERATION Performance Goal 2.4.1 By September 30, 2017, achieve key milestones to promote arms control and nonproliferation by implementing the President s Prague Agenda of steps toward a world without nuclear weapons;

More information

Panel 3: Applicability of International Law to Cyberspace & Characterization of Cyber Incidents

Panel 3: Applicability of International Law to Cyberspace & Characterization of Cyber Incidents Panel 3: Applicability of International Law to Cyberspace & Characterization of Cyber Incidents Catherine Lotrionte and Eneken Tikk, co-chairs Cyber security and the acceptable behavior of state and non-state

More information

ARI 26/2013 (Translated from Spanish) 17 September 2013. Cyber cells: a tool for national cyber security and cyber defence

ARI 26/2013 (Translated from Spanish) 17 September 2013. Cyber cells: a tool for national cyber security and cyber defence ARI ARI 26/2013 (Translated from Spanish) 17 September 2013 Cyber cells: a tool for national cyber security and cyber defence Thiber Theme 1 Cyber cells are effective tools that enable countries to operate,

More information

Security Policy for ActionAid International Approved version

Security Policy for ActionAid International Approved version Security Policy for ActionAid International Approved version Introduction This document sets out the overall principles for managing security within ActionAid International (AAI), as set by the Board.

More information

On the European experience in critical infrastructure protection

On the European experience in critical infrastructure protection DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV ratchevv@yahoo.com @ratchevv DCAF/CSDM 1 This presentation

More information

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773

ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 ROCKEFELLER SNOWE CYBERSECURITY ACT SUBSTITUTE AMENDMENT FOR S.773 March 17, 2010 BACKGROUND & WHY THIS LEGISLATION IS IMPORTANT: Our nation is at risk. The networks that American families and businesses

More information

National Cyber Security Strategy 2

National Cyber Security Strategy 2 National Cyber Security Strategy 2 From awareness to capability Ministerie van Volksgezondheid, Welzijn en Sport Titel brochure hier invullen 1 2 National Cyber Security Strategy (NCSS) 2 From awareness

More information

Danish lessons learned: The comprehensive/integrated approach after Iraq and Afghanistan

Danish lessons learned: The comprehensive/integrated approach after Iraq and Afghanistan Military Studies Magazine Danish lessons learned: The comprehensive/integrated approach after Iraq and Afghanistan by Peter Viggo Jakobsen Photo: Forsvaret ISSUE 01, VOLUME 02, 2014 1 Subcribe at fak.dk/eng/magazine

More information

HMG Security Policy Framework

HMG Security Policy Framework HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of

More information

CHAPTER 13: International Law, Norms, and Human Rights

CHAPTER 13: International Law, Norms, and Human Rights CHAPTER 13: International Law, Norms, and Human Rights MULTIPLE CHOICE 1. Why did the former Secretary General of the United Nations, Kofi Annan, state that the US invasion of Iraq in 2003 was illegal?

More information

The Defence Strategy of the Slovak Republic

The Defence Strategy of the Slovak Republic The Defence Strategy of the Slovak Republic approved by the National Council of the Slovak Republic 23 September 2005 TABLE OF CONTENTS Introduction I II III IV V Slovak Republic in the Changing Security

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

Trends Concerning Cyberspace

Trends Concerning Cyberspace Section 2 Trends Concerning Cyberspace 1 Cyberspace and Security Owing to the information technology (IT) revolution in recent years, information and communication networks such as the Internet are becoming

More information

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS INTER-AMERICAN COMMITTEE AGAINST TERRORISM (CICTE) TWELFTH REGULAR SESSION OEA/Ser.L/X.2.12 7 March, 2012 CICTE/DEC.1/12 rev. 1 Washington, D.C.

More information

the Council of Councils initiative

the Council of Councils initiative Author: Andrea Renda, Senior Research Fellow, Centre for European Policy Studies May 3, 2013 Editor's note: This brief is a feature of the Council of Councils initiative, gathering opinions from global

More information

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU Cybersecurity Global status update Dr. Hamadoun I. Touré Secretary-General, ITU Cybercrime takes a toll on the global economy - Online fraud, identity theft, and lost intellectual property; - On governments,

More information

In an age where so many businesses and systems are reliant on computer systems,

In an age where so many businesses and systems are reliant on computer systems, Cyber Security Laws and Policy Implications of these Laws In an age where so many businesses and systems are reliant on computer systems, there is a large incentive for maintaining the security of their

More information

The Danish Cyber and Information Security Strategy

The Danish Cyber and Information Security Strategy February 2015 The Danish Cyber and Information Security Strategy 1. Introduction In December 2014 the Government presented a National Cyber and Information Security Strategy containing 27 government initiatives

More information

Regulating and Monitoring Private Military and Security Companies in United Nations Peacekeeping Operations. Stephen Mathias 1

Regulating and Monitoring Private Military and Security Companies in United Nations Peacekeeping Operations. Stephen Mathias 1 Regulating and Monitoring Private Military and Security Companies in United Nations Peacekeeping Operations Stephen Mathias 1 Introduction The nature of United Nations (UN) peace operations means that

More information

Cyber defence in the EU Preparing for cyber warfare?

Cyber defence in the EU Preparing for cyber warfare? Preparing for cyber warfare? SUMMARY In recent years, cyber attacks on a serious scale have become a matter of concern to states, due to the threat they can pose to national security, but also a potential

More information

Home Security: Russia s Challenges

Home Security: Russia s Challenges Home Security: Russia s Challenges A Russian Perspective Andrei Fedorov * Home security: Russia s challenges Home security and the struggle against terrorism is one of the most crucial issues for the Russian

More information

Regulation of Investigatory Powers Act 2000

Regulation of Investigatory Powers Act 2000 Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice 6 February 2015 Ministerial Foreword The abilities to read or listen

More information

Adopted by the Security Council at its 5430th meeting, on 28 April 2006

Adopted by the Security Council at its 5430th meeting, on 28 April 2006 United Nations S/RES/1674 (2006) Security Council Distr.: General 28 April 2006 Resolution 1674 (2006) Adopted by the Security Council at its 5430th meeting, on 28 April 2006 The Security Council, Reaffirming

More information

Cyber Security and Infrastructure: Problems of Today, Challenges for Tomorrow

Cyber Security and Infrastructure: Problems of Today, Challenges for Tomorrow Cyber Security and Infrastructure: Problems of Today, Challenges for Tomorrow Herb Lin Computer Science and Telecommunications Board NAE Convocation of Engineering Professional Societies Washington DC

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Active Engagement, Modern Defence

Active Engagement, Modern Defence Strategic Concept For the Defence and Security of The Members of the North Atlantic Treaty Organisation Adopted by Heads of State and Government in Lisbon Active Engagement, Modern Defence Preface We,

More information

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 21.9.2005 COM(2005) 438 final 2005/0182 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the retention of data processed

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

1 FOCUS Foresight Security Scenarios

1 FOCUS Foresight Security Scenarios New Security Studies Rachel Suissa (Ph.D) University of Haifa, Israel In today s globalised setting, the challenge of maintaining security is no longer limited to the traditional foreign-policy and military

More information

Federal Act on Private Security Services provided Abroad

Federal Act on Private Security Services provided Abroad English is not an official language of the Swiss Confederation. This translation is provided for information purposes only and has no legal force. Federal Act on Private Security Services provided Abroad

More information

Police use of Firearms

Police use of Firearms CODE OF PRACTICE ON Police use of Firearms and Less Lethal Weapons Contents 1. Introduction 1.1 Purpose of the code 1 1.2 Statutory basis of the code 1 1.3 Weapons covered by this code 2 1.4 Armed support

More information

The Comprehensive National Cybersecurity Initiative

The Comprehensive National Cybersecurity Initiative The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we

More information

WRITTEN TESTIMONY OF

WRITTEN TESTIMONY OF WRITTEN TESTIMONY OF KEVIN MANDIA CHIEF EXECUTIVE OFFICER MANDIANT CORPORATION BEFORE THE SUBCOMMITTEE ON CRIME AND TERRORISM JUDICIARY COMMITTEE UNITED STATES SENATE May 8, 2013 Introduction Thank you

More information

ORIGINAL: ENGLISH 11th May, 1967 DOCUMENT DPC/D(67)23. DEFENCE PLANNING COMMITTEE Decisions of Defence Planning Committee in Ministerial Session

ORIGINAL: ENGLISH 11th May, 1967 DOCUMENT DPC/D(67)23. DEFENCE PLANNING COMMITTEE Decisions of Defence Planning Committee in Ministerial Session ORIGINAL: ENGLISH 11th May, 1967 DOCUMENT DEFENCE PLANNING COMMITTEE Decisions of Defence Planning Committee in Ministerial Session Note by the Chairman I attach for your information a list of the decisions

More information

IMPROVING THE RESOLUTION OF TAX TREATY DISPUTES

IMPROVING THE RESOLUTION OF TAX TREATY DISPUTES ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT IMPROVING THE RESOLUTION OF TAX TREATY DISPUTES (Report adopted by the Committee on Fiscal Affairs on 30 January 2007) February 2007 CENTRE FOR TAX

More information

Corporate Manslaughter and Corporate Homicide Bill

Corporate Manslaughter and Corporate Homicide Bill Corporate Manslaughter and Corporate Homicide Bill Suggested amendments for House of Commons Report Stage November 2006 For further information contact Sally Ireland, Senior Legal Officer (Criminal Justice)

More information

BWC/CONF.V/COW/WP.28 STOCKPILING OF BACTERIOLOGICAL 27 November 2001 (BIOLOGICAL) AND TOXIN WEAPONS AND ON THEIR DESTRUCTION PROPOSALS

BWC/CONF.V/COW/WP.28 STOCKPILING OF BACTERIOLOGICAL 27 November 2001 (BIOLOGICAL) AND TOXIN WEAPONS AND ON THEIR DESTRUCTION PROPOSALS FIFTH REVIEW CONFERENCE OF THE STATES PARTIES TO THE CONVENTION ON THE PROHIBITION OF THE DEVELOPMENT, PRODUCTION AND BWC/CONF.V/COW/WP.28 STOCKPILING OF BACTERIOLOGICAL 27 November 2001 (BIOLOGICAL) AND

More information

Europol Unclassified Basic Protection Level VACANCY NOTICE

Europol Unclassified Basic Protection Level VACANCY NOTICE The Hague, 16 March 2015 Reg. nº: Europol/2015/TA/AD6/185 VACANCY NOTICE Name of the post: Specialist in Computer Forensics and Malware Analysis within the European Cyber Crime Centre (EC3) Business Area

More information

Cyber intelligence exchange in business environment : a battle for trust and data

Cyber intelligence exchange in business environment : a battle for trust and data Cyber intelligence exchange in business environment : a battle for trust and data Experiences of a cyber threat information exchange research project and the need for public private collaboration Building

More information

A Community Position paper on. Law of CyberWar. Paul Shaw. 12 October 2013. Author note

A Community Position paper on. Law of CyberWar. Paul Shaw. 12 October 2013. Author note A Community Position paper on Law of CyberWar Paul Shaw 12 October 2013 Author note This law and cyberwar paper / quasi-treatise was originally written for a course in a CISO certification curriculum,

More information

Confrontation or Collaboration?

Confrontation or Collaboration? Confrontation or Collaboration? Congress and the Intelligence Community Cyber Security and the Intelligence Community Eric Rosenbach and Aki J. Peritz Cyber Security and the Intelligence Community The

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

235.1. Federal Act on Data Protection (FADP) Aim, Scope and Definitions

235.1. Federal Act on Data Protection (FADP) Aim, Scope and Definitions English is not an official language of the Swiss Confederation. This translation is provided for information purposes only and has no legal force. Federal Act on Data Protection (FADP) 235.1 of 19 June

More information

UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity & Illicit Trafficking of BW-Related Materials

UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity & Illicit Trafficking of BW-Related Materials UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity & Illicit Trafficking of BW-Related Materials Dana Perkins, PhD 1540 Committee Expert Biological Weapons Convention

More information

DEMOCRATIC REPUBLIC OF TIMOR-LESTE NATIONAL PARLIAMENT

DEMOCRATIC REPUBLIC OF TIMOR-LESTE NATIONAL PARLIAMENT DEMOCRATIC REPUBLIC OF TIMOR-LESTE NATIONAL PARLIAMENT LAW No. /2003 INTERNAL SECURITY Ensuring internal security constitutes a pre-condition for safeguarding the peace and stability of any sovereign country

More information

Summary. Russian-Dutch Bilateral Seminar

Summary. Russian-Dutch Bilateral Seminar Summary Russian-Dutch Bilateral Seminar "THE ROLE OF NUCLEAR INDUSTRY IN NUCLEAR SECURITY GOVERNANCE: MOVING TO THE 2014 NUCLEAR SECURITY SUMMIT IN THE HAGUE" On September 3, 2013 PIR Center and the Embassy

More information

Honourable members of the National Parliaments of the EU member states and candidate countries,

Honourable members of the National Parliaments of the EU member states and candidate countries, Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National

More information

Cyber Security Strategy

Cyber Security Strategy 2014 2017 Cyber Security Strategy Ministry of Economic Affairs and Communication 2014 TABLE OF CONTENTS Introduction... 2 1. Analysis of current situation... 2 1.1. Sectoral progress... 2 1.2. Trends...

More information

Five Principles for Shaping Cybersecurity Norms

Five Principles for Shaping Cybersecurity Norms TRANSPARENCY PROPORTIONALITY HARMONIZATION RISK REDUCTION COLLABORATION Five Principles for Shaping Cybersecurity Norms Contents Introduction 3 Cybersecurity Norms 5 The Role of the Public Sector 6 Cybersecurity

More information

Action Plan 2010-2015 for Canada s Cyber Security Strategy

Action Plan 2010-2015 for Canada s Cyber Security Strategy Action Plan -2015 for Canada s Cyber Security Strategy Her Majesty the Queen in Right of Canada, 2013 Cat: PS9-1/2013E-PDF ISBN: 978-1-100-21895-3 ii Introduction Information technology is highly integrated

More information

De voorzitter van de Tweede Kamer der Staten-Generaal Binnenhof 4 2513 AA 's-gravenhage

De voorzitter van de Tweede Kamer der Staten-Generaal Binnenhof 4 2513 AA 's-gravenhage > Retouradres Postbus 20401 2500 EK Den Haag De voorzitter van de Tweede Kamer der Staten-Generaal Binnenhof 4 2513 AA 's-gravenhage Datum Betreft Verwerven van overwegende zeggenschap in een telecommunicatiebedrijf

More information

COUNCIL OF EUROPE COMMITTEE OF MINISTERS

COUNCIL OF EUROPE COMMITTEE OF MINISTERS COUNCIL OF EUROPE COMMITTEE OF MINISTERS Recommendation Rec(2006)8 of the Committee of Ministers to member states on assistance to crime victims (Adopted by the Committee of Ministers on 14 June 2006 at

More information

COMPUTER MISUSE AND CYBERSECURITY ACT (CHAPTER 50A)

COMPUTER MISUSE AND CYBERSECURITY ACT (CHAPTER 50A) COMPUTER MISUSE AND CYBERSECURITY ACT (CHAPTER 50A) (Original Enactment: Act 19 of 1993) REVISED EDITION 2007 (31st July 2007) An Act to make provision for securing computer material against unauthorised

More information

RUAG Cyber Security. More security for your data

RUAG Cyber Security. More security for your data RUAG Cyber Security More security for your data More security in cyberspace The RUAG Cyber Security Portfolio offers greater protection for your data through inspection, event analysis and decision-making

More information

NEW ZEALAND S CYBER SECURITY STRATEGY

NEW ZEALAND S CYBER SECURITY STRATEGY Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital

More information

The European Security Strategy Austrian Perspective

The European Security Strategy Austrian Perspective Erich Reiter and Johann Frank The European Security Strategy Austrian Perspective The following essay gives the Austrian view on the ESS from a security political perspective and analyses the needs and

More information

CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES

CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES COMMITTEE OF EXPERTS ON TERRORISM (CODEXTER) CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES GERMANY September 2007 Kapitel 1 www.coe.int/gmt A. National policy 1. Is there a national policy

More information

Online International Interdisciplinary Research Journal, {Bi-Monthly}, ISSN2249-9598, Volume-III, Issue-IV, July-Aug 2013

Online International Interdisciplinary Research Journal, {Bi-Monthly}, ISSN2249-9598, Volume-III, Issue-IV, July-Aug 2013 Need to understand Cyber Crime s Impact over national Security in India: A case study P.R. Patil and D.V. Bhosale Dept. of Defence & Strategic Studies, Tuljaram Chaturchand College, Baramati, Dist- Pune,

More information

SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012

SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012 SUMMARY OF THE ESTONIAN INFORMATION SYSTEM S AUTHORITY ON ENSURING CYBER SECURITY IN 2012 Cyberspace is both an ecosystem consisting of an infrastructure and services, and an environment where and through

More information

LAW ON MILITARY SECURITY AGENCY AND MILITARY INTELLIGENCE AGENCY I GENERAL PROVISIONS. Article 1

LAW ON MILITARY SECURITY AGENCY AND MILITARY INTELLIGENCE AGENCY I GENERAL PROVISIONS. Article 1 LAW ON MILITARY SECURITY AGENCY AND MILITARY INTELLIGENCE AGENCY I GENERAL PROVISIONS Article 1 This Law shall regulate competences, activities, tasks, authority, oversight and control of the Military

More information

Cyber Security Strategy for Defence

Cyber Security Strategy for Defence DEFENCE ACST Strategy-CyberSecurity-001 Page 1 / 18 Strategy Department Cyber Security Strategy for Defence Tel Edited by ACOS STRAT 9-2400-6455 Approved by CHOD Published by ACOS STRAT 9-2400-6455 Page

More information

A national action plan focused on human rights defenders

A national action plan focused on human rights defenders A national action plan focused on human rights defenders Submission for Irish National Action Plan on Business and Human Rights March 2015 Michael Ineichen, Ben Leather, Phil Lynch, Joel Lazar and Laia

More information

Subject: Critical Infrastructure Identification, Prioritization, and Protection

Subject: Critical Infrastructure Identification, Prioritization, and Protection For Immediate Release Office of the Press Secretary The White House December 17, 2003 Homeland Security Presidential Directive / HSPD-7 Subject: Critical Infrastructure Identification, Prioritization,

More information